package com.qianfeng.config;

import com.qianfeng.security.handlers.MySuccessHandler;
import com.qianfeng.security.service.MyUserDetailService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;

/*
 *WebSecurityConfigurerAdapter适配器
 *@Description:
 *@author:刘哥
 *@Date:86180 2022/9/16 11:46
 */
@EnableWebSecurity
@Component
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    private MySuccessHandler mySuccessHandler;
    @Autowired
    public void setMySuccessHandler(MySuccessHandler mySuccessHandler) {
        this.mySuccessHandler = mySuccessHandler;
    }

    private MyUserDetailService myUserDetailService;
    @Autowired
    public void setMyUserDetailService(MyUserDetailService myUserDetailService) {
        this.myUserDetailService = myUserDetailService;
    }

    //    棉麻编码器
    private BCryptPasswordEncoder bCryptPasswordEncoder;
    @Autowired
    public void setbCryptPasswordEncoder(BCryptPasswordEncoder bCryptPasswordEncoder) {
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
    }

    /**
     * 进行认证配置,登录时用
     * @param auth
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.userDetailsService(myUserDetailService)//登录是如何查询数据库的方法
               .passwordEncoder(bCryptPasswordEncoder);//校验密码的加密方法
    }

    /**
     * 这个我们主要配置的不需要经过security的地址,过滤器会直接放行的地址
     * @param web
     * @throws Exception
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/js/**",
                "/css/**",
                "/users/registry",
                "/websocket/*",
                "/humiture/*",
                "/colorcommand/*",
                "/swagger-ui.html",
                "/swagger-ui/*",
                "/swagger-resources/**"
        );
    }
    /**
     * 在这里我们可以配置一些基本信息, 比如可以通过配置的方式来指定我们的地址需要的权限,可以配置登录和退出相关的东西
     * @param http the {@link HttpSecurity} to modify
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();//开启跨域访问
        http.authorizeRequests()
                .and().formLogin()
                .loginProcessingUrl("/login")//配置登录路径,默认的有不需要配置
//                .successForwardUrl()//登录成功后的路径可以设置为返回首页等等
//                .failureForwardUrl()//登录失败后的路径
                .successHandler(mySuccessHandler)//登录成功后的业务
              // .failureHandler()//自定义登录失败后做什么业务
                .permitAll()//上面设置的地址不要登录就可以放行
                .and() .logout().logoutUrl("/logout")//退出登录的路径
                .logoutSuccessUrl("/login")//退出成功后跳转到什么地方
//                .logoutSuccessUrl()//退出登录成功后的操作
                .and().authorizeRequests().anyRequest().authenticated();//除了上面的地址外都需要登录才可以访问
    }
}
